From 1346fc65aa02ff2d669ee9a50e5a1db285736b51 Mon Sep 17 00:00:00 2001 From: LordGhostX <47832826+LordGhostX@users.noreply.github.com> Date: Fri, 7 Jul 2023 02:17:02 +0100 Subject: [PATCH] add peer exchange nwaku config (#83) * add peer exchange nwaku config * add PX security note --- docs/guides/nwaku/configure-discovery.md | 68 +++++++++++++++++------- docs/guides/nwaku/run-docker.md | 8 +-- docs/guides/run-nwaku-node.md | 3 +- docs/overview/concepts/peer-exchange.md | 6 ++- 4 files changed, 60 insertions(+), 25 deletions(-) diff --git a/docs/guides/nwaku/configure-discovery.md b/docs/guides/nwaku/configure-discovery.md index 86717ef..b89bdf5 100644 --- a/docs/guides/nwaku/configure-discovery.md +++ b/docs/guides/nwaku/configure-discovery.md @@ -14,31 +14,31 @@ You can provide static peers to a `nwaku` node during startup using the `staticn ```bash ./build/wakunode2 \ - --staticnode:[Libp2p MULTIADDR PEER 1] \ - --staticnode:[Libp2p MULTIADDR PEER 2] + --staticnode=[PEER MULTIADDR 1] \ + --staticnode=[PEER MULTIADDR 2] ``` For instance, consider a `nwaku` node that connects to two static peers on the same local host (IP: `0.0.0.0`) using TCP ports `60002` and `60003`: ```bash ./build/wakunode2 \ - --staticnode:/ip4/0.0.0.0/tcp/60002/p2p/16Uiu2HAkzjwwgEAXfeGNMKFPSpc6vGBRqCdTLG5q3Gmk2v4pQw7H \ - --staticnode:/ip4/0.0.0.0/tcp/60003/p2p/16Uiu2HAmFBA7LGtwY5WVVikdmXVo3cKLqkmvVtuDu63fe8safeQJ + --staticnode=/ip4/0.0.0.0/tcp/60002/p2p/16Uiu2HAkzjwwgEAXfeGNMKFPSpc6vGBRqCdTLG5q3Gmk2v4pQw7H \ + --staticnode=/ip4/0.0.0.0/tcp/60003/p2p/16Uiu2HAmFBA7LGtwY5WVVikdmXVo3cKLqkmvVtuDu63fe8safeQJ ``` ## Configure DNS Discovery To enable [DNS Discovery](/overview/concepts/dns-discovery) in a `nwaku` node, use the following configuration options: -- `dns-discovery`: Enables DNS Discovery on the node (disabled by default). +- `dns-discovery`: Enables `DNS Discovery` on the node (disabled by default). - `dns-discovery-url`: URL for DNS node list in the format `enrtree://@` where `` is the fully qualified domain name and `` is the base32 encoding of the compressed 32-byte public key that signed the list at that location. - `dns-discovery-name-server` (optional): DNS name server IPs to query. You can repeat this option to provide multiple DNS name servers. ```bash ./build/wakunode2 \ - --dns-discovery:true \ - --dns-discovery-url:[DNS NODE LIST] \ - --dns-discovery-name-server:[DNS NAME SERVER IP] + --dns-discovery=true \ + --dns-discovery-url=[DNS NODE LIST] \ + --dns-discovery-name-server=[DNS NAME SERVER IP] ``` :::info @@ -49,34 +49,64 @@ For instance, consider a `nwaku` node that enables `DNS Discovery`, connects to ```bash ./build/wakunode2 \ - --dns-discovery:true \ - --dns-discovery-url:enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@test.waku.nodes.status.im \ - --dns-discovery-name-server:8.8.8.8 \ - --dns-discovery-name-server:8.8.4.4 + --dns-discovery=true \ + --dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@test.waku.nodes.status.im \ + --dns-discovery-name-server=8.8.8.8 \ + --dns-discovery-name-server=8.8.4.4 ``` ## Configure Discv5 To enable [Discv5](/overview/concepts/discv5) in a `nwaku` node, use the following configuration options: -- `discv5-discovery`: Enables Discv5 on the node (disabled by default). -- `discv5-bootstrap-node`: ENR for Discv5 routing table bootstrap node. You can repeat this option to provide multiple bootstrap entries. +- `discv5-discovery`: Enables `Discv5` on the node (disabled by default). +- `discv5-bootstrap-node`: ENR for `Discv5` routing table bootstrap node. You can repeat this option to provide multiple bootstrap entries. ```bash ./build/wakunode2 \ - --discv5-discovery:true \ - --discv5-bootstrap-node:[DISCV5 ENR BOOTSTRAP ENTRY 1] \ - --discv5-bootstrap-node:[DISCV5 ENR BOOTSTRAP ENTRY 2] + --discv5-discovery=true \ + --discv5-bootstrap-node=[DISCV5 ENR BOOTSTRAP ENTRY 1] \ + --discv5-bootstrap-node=[DISCV5 ENR BOOTSTRAP ENTRY 2] ``` For instance, consider a `nwaku` node that enables `Discv5` and bootstraps its routing table using a static `ENR`: ```bash ./build/wakunode2 \ - --discv5-discovery:true \ - --discv5-bootstrap-node:enr:-IO4QDxToTg86pPCK2KvMeVCXC2ADVZWrxXSvNZeaoa0JhShbM5qed69RQz1s1mWEEqJ3aoklo_7EU9iIBcPMVeKlCQBgmlkgnY0iXNlY3AyNTZrMaEDdBHK1Gx6y_zv5DVw5Qb3DtSOMmVHTZO1WSORrF2loL2DdWRwgiMohXdha3UyAw + --discv5-discovery=true \ + --discv5-bootstrap-node=enr:-IO4QDxToTg86pPCK2KvMeVCXC2ADVZWrxXSvNZeaoa0JhShbM5qed69RQz1s1mWEEqJ3aoklo_7EU9iIBcPMVeKlCQBgmlkgnY0iXNlY3AyNTZrMaEDdBHK1Gx6y_zv5DVw5Qb3DtSOMmVHTZO1WSORrF2loL2DdWRwgiMohXdha3UyAw ``` :::info When Discv5 is enabled and used with [DNS Discovery](#configure-dns-discovery), the `nwaku` node will attempt to bootstrap the Discv5 routing table by extracting `ENRs` from peers discovered through DNS. +::: + +## Configure Peer Exchange + +To enable [Peer Exchange](/overview/concepts/peer-exchange) in a `nwaku` node, use the following configuration options: + +- `peer-exchange`: Enables `Peer Exchange` on the node as a responder (disabled by default). +- `peer-exchange-node` (optional): ENR for bootstrap node that has the peer exchange protocol enabled. + +```bash +./build/wakunode2 \ + --peer-exchange=true \ + --peer-exchange-node=[PEER MULTIADDR WITH EXCHANGE ENABLED] +``` + +For instance, consider two `nwaku` nodes configured as a `server` (peer exchange responder node) and `client` (node using peer exchange) on the same local host (IP: `0.0.0.0`): + +```bash title="Server: Nwaku Node with Peer Exchange Enabled" +./build/wakunode2 --peer-exchange=true +``` + +```bash title="Client: Nwaku Node Bootstrapping with Peer Exchange" +./build/wakunode2 \ + --tcp-port=30305 \ + --ports-shift=1 \ + --peer-exchange-node=/ip4/0.0.0.0/tcp/60000/p2p/16Uiu2HAmLCe6zVqCS6KMqqRbbhyoJjfYZGr1Q3thTSbyKzibQkFR +``` + +:::info +`nwaku` provides a [`relay-peer-exchange`](/guides/reference/node-config-options#relay-config) option via `libp2p` for peer exchange, allowing network growth through neighboring nodes. However, this feature can compromise security and network robustness, so we recommend only using it in high-trust environments. ::: \ No newline at end of file diff --git a/docs/guides/nwaku/run-docker.md b/docs/guides/nwaku/run-docker.md index b79cd86..6ed873d 100644 --- a/docs/guides/nwaku/run-docker.md +++ b/docs/guides/nwaku/run-docker.md @@ -45,10 +45,10 @@ Run `nwaku` using the most typical configuration: ```bash docker run -i -t -p 60000:60000 -p 9000:9000/udp statusteam/nim-waku \ - --dns-discovery:true \ - --dns-discovery-url:enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im \ - --discv5-discovery \ - --nat:extip:[YOUR PUBLIC IP] # or, if you are behind a nat: --nat=any + --dns-discovery=true \ + --dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im \ + --discv5-discovery=true \ + --nat=extip:[YOUR PUBLIC IP] # or, if you are behind a nat: --nat=any ``` To find your public IP, use: diff --git a/docs/guides/run-nwaku-node.md b/docs/guides/run-nwaku-node.md index c67add7..bb1f923 100644 --- a/docs/guides/run-nwaku-node.md +++ b/docs/guides/run-nwaku-node.md @@ -57,6 +57,7 @@ To join the Waku Network, nodes must [bootstrap](/overview/reference/glossary#bo | Static Peers | Configure the bootstrap nodes that `nwaku` should establish connections upon startup | [Configure Static Peers](/guides/nwaku/configure-discovery#configure-static-peers) | | DNS Discovery | Enable `nwaku` to bootstrap nodes using the [DNS Discovery](/overview/concepts/dns-discovery) mechanism | [Configure DNS Discovery](/guides/nwaku/configure-discovery#configure-dns-discovery) | | Discv5 | Enable `nwaku` to discover peers using the [Discv5](/overview/concepts/discv5) mechanism | [Configure Discv5](/guides/nwaku/configure-discovery#configure-discv5) | +| Peer Exchange | Enable [Peer Exchange](/overview/concepts/peer-exchange) protocol for light nodes to request peers from your `nwaku` node | [Configure Peer Exchange](/guides/nwaku/configure-discovery#configure-peer-exchange) | :::tip You can configure a `nwaku` node to use multiple peer discovery mechanisms simultaneously. @@ -112,7 +113,7 @@ The `listenAddresses` field stores the node's listening addresses, while the `en You can find the addresses of a running node through its logs or by calling the `get_waku_v2_debug_v1_info` method of the [JSON RPC API](https://rfc.vac.dev/spec/16/). -:::tip +:::info When starting the node, `nwaku` will display all the public listening and discovery addresses at the `INFO` log level. ::: diff --git a/docs/overview/concepts/peer-exchange.md b/docs/overview/concepts/peer-exchange.md index 7b3b51c..c021831 100644 --- a/docs/overview/concepts/peer-exchange.md +++ b/docs/overview/concepts/peer-exchange.md @@ -2,7 +2,11 @@ title: Peer Exchange --- -The primary objective of this protocol is to facilitate peer connectivity for resource-limited devices. The peer exchange protocol enables lightweight nodes to request peers from other nodes within the network. Light nodes can bootstrap and expand their mesh independently without relying on `Discv5`. Please refer to the [Peer Exchange](https://rfc.vac.dev/spec/34/) specification to learn more. +The primary objective of this protocol is to facilitate peer connectivity for resource-limited devices without relying on `Discv5`. The peer exchange protocol enables light nodes to request peers from other nodes within the network. To learn more, please refer to the [Peer Exchange](https://rfc.vac.dev/spec/34/) specification. + +:::info +Peer Exchange enables requesting random peers from other network nodes without revealing information about their connectivity or neighborhood. +::: #### Pros